Technology solutions to the problem are so much simpler than the rough-and-tumble of Washington politics. The networking and security technology to improve intra- and interagency data sharing has existed for years, IT managers in the intelligence community say. Acknowledging that the risks of not sharing data are greater than the potential security risks of connecting networks, some of them are moving forward with IT efforts, even in the absence of a clear mandate.
"There's always a balance between security and sharing, and the intelligence community has generally fallen on the side of security in the past," says Ryan Durante of the Department of Defense Intelligence Information System IT staff. That mind-set has been changing, he says. As program manager of the Trusted Workstation initiative, Durante and his team of IT professionals at the U.S. Air Force Research Laboratory, which manages the Intelligence Information System IT infrastructure, are deploying a system to make it easier for Defense Department intelligence analysts to view data across multiple classified and unclassified networks from a single desktop and share that information appropriately.
U.S. Air Force Research Laboratory is working with Trusted Computer Solutions Inc., a provider of secure data-sharing software, and Sun Microsystems, which is providing its diskless Sun Ray desktops and Solaris Common Desktop Environment to act as the user interface. Led by CIO Michael Pflueger, Intelligence Information System is deploying a fleet of desktops that lets analysts view data from as many as 13 separate networks from a single desktop on a single screen, and even drag and drop documents and data from one network to another. Previously, analysts had to log on to separate systems to access each network. The U.S. Air Force Research Laboratory had never been able to convince security-conscious policy makers that the new setup could be implemented without compromising security, but that changed in the wake of the 9/11 Commission's report. "The big push coming out of 9/11 was information sharing," Durante says.
Now analysts simply plug an identification card or some other type of smart card into a Sun Ray system, and they can view data from any network they're authorized to access, Durante says. Without the proper access card, user name, and password, a Sun Ray is unusable. Trusted Computer Solutions' SecureOffice Trusted Workstation thin-client software, which scans for viruses, also monitors keywords within documents and ensures that data that shouldn't be moved from one network to another isn't. The word "frequency" in a document, for example, generally indicates that a file contains sensitive communications data that mustn't be copied from its current domain. That said, even documents residing on secret, classified, and top-secret networks contain unclassified data that analysts can easily push out to other intelligence analysts and operatives as warranted, Durante says.